Product Security Cloud Engineer

Life Unlimited. At Smith+Nephew, we design and manufacture technology that takes the limits off living.

We're on the lookout for an individual who is ready to make an impact in medical equipment industry. If you're eager to be part of a dynamic environment that fosters growth and collaboration, look no further. Explore our latest job opening for Product Security Cloud Engineer role and embark on a journey where your talents are valued and your potential is limitless. In collaboration with Global IT, R&D and Compliance Teams, will provide hands on cybersecurity architecture, engineering services with ultimate goal of ensuring Smith + Nephew products and their data is secure and resilient to cybersecurity threats. We encourage you to apply for this exciting opportunity. Let's craft the future together!

What will you be doing?

• Your will contribute, serve as the definitive voice of cybersecurity considerations for Smith + Nephew's portfolio of assigned technologies, capital devices, digital accessories, connected infrastructures and software applications.
• You will collaborate with a diverse cohort of internal customers to design, engineer, and ensure implementation of security requirements, controls and process governance needed to incorporate security through the entire lifecycle of a product (Development, Pre-Market, Post-Market and Retirement).
• Technical Cybersecurity Architecture and Engineering Services - Be responsible for the definition and ensure implementation of cybersecurity requirements and controls in support of multiple Smith + Nephew technologies.
• Product Security Risk Management and Threat Modelling - Lead the creation and maintenance of Product Cybersecurity Risk Registers and Threat Models throughout development lifecycle to identify and mitigate cybersecurity deficiencies as early in the development lifecycle as possible.
• Product Security Testing and Assessment - Lead execution and integration of cybersecurity testing, assessment activities throughout development lifecycle and to formulate mitigation strategies for cybersecurity deficiencies. Support the identification of technical solutions and ensure the integration of automated security tools and processes to help mitigate security vulnerabilities. This includes but is not limited to: Vulnerability Testing, Penetration Testing and Code Analysis, Endpoint Protections, etc.
• Incident Response - support standard methodology (ISO 29147/30111) product cyber security incident response (IR) activities.
• Secure-Software Development Life Cycle - Help develop and mature Global Product Security Strategy and (S-SDLC) to ensure robust cyber security controls are present and effective in our products from product conceptualization through commercial launch and ultimately product/product family decommissioning. Ensure ongoing awareness and understanding of emerging threats and industry standard processes.
• Outward Facing - Provide technical leadership and proficiency in communications with collaborators outside of Smith + Nephew. Help to answer questions regarding the security of different products. This includes but is not limited to: Regulators, Customers, Auditors, Industry Groups, Researchers, etc.

What will you need to be successful?

• Education: Bachelor's or equivalent experience or Master’s degree in Computer Science or Information Technology.
• Licenses/Certifications: Current CISM, CISSP, CRISC, or similar certification preferred.
• Experience: Minimum 5+ years of experience hands on cybersecurity experience in product/device security, application security, or IT information security.
• Good understanding of mitigating security controls. Vulnerability Management, Penetration Testing, Code Security.
• IT Risk and Vendor Risk Assessments, FDA and other medical device regulators.
• Good to have - FDA and other medical device regulators experience. Knowledge of cyber security standard frameworks such as HIPAA, FDA, ISO 27001/2, NIST CSF, and OWASP.
• Understanding of network infrastructure, including firewalls, web proxy and/or email architecture- particularly as they apply in a mitigating control functionality.
• Experience with different cloud computing platforms and the cloud security framework. Ability to craft, recommend, plan, guide, and support implementation of innovative security solutions.
• Understand the current Medical Device market, including what customers want to see with regards to product security
• Understanding of back-channels typically used by threat actors for malicious activity.
• Understanding of different connectivity protocols and any risks involved with them.
• Superb communication, collaboration, and relationship building and collaborator engagement skills.

You Unlimited.

We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve.

Inclusion, Diversity and Equity- Committed to Welcoming, Celebrating and Thriving on Diversity, Learn more about Employee Inclusion Groups on our website (https://www.smith-nephew.com/).

Other reasons why you will love it here!

• Your Future: Major Medical coverage + Policy exclusions and insurance non-medical limit. Educational Assistance.
• Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.
• Your Wellbeing: Parents / Parents in Law’s Insurance (Employee Contribution of 8,000/- annually), Employee Assistance Program, Parental Leave.
• Flexibility: Hybrid Work Model (For most professional roles)
• Training: Hands-On, Team-Customized, Mentorship
• Extra Perks: Free Cab Transport facility for all employees, One Time Meal provided to all employees as per shift. Night Shift Allowances.

Stay connected and receive alerts for jobs like this by joining our talent community.

We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day.

Check our Glassdoor page for a glimpse behind the scenes and a sneak peek into You Unlimited, life, culture, and benefits at S+N.

Explore our new website and learn more about our mission, our team, and the opportunities we offer.

Stay connected and receive alerts for jobs like this by joining ourtalent community.

We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day. 

Check ourGlassdoor page for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S+N.

Explore our new website and learn more about our mission, our team, and the opportunities we offer.